CVE-2001-1350 — HIGH (7.5) — White Hats Nepal

Q: What is CVE-2001-1350?

CVE-2001-1350 is a vulnerability with a CVSS score of 7.5 (HIGH). Cross-site scripting vulnerability in namazu.cgi for Namazu 2.0.7 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the lang parameter.

Q: How severe is CVE-2001-1350?

CVE-2001-1350 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2001-1350?

Check the references section above for vendor advisories and patch information. Affected products include: Namazu Namazu.

Vulnerability Description

Cross-site scripting vulnerability in namazu.cgi for Namazu 2.0.7 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the lang parameter.

CVSS Score

7.5

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Namazu	Namazu	<= 2.0.7

References

http://marc.info/?l=bugtraq&w=2&r=1&s=namazu&q=b
http://search.namazu.org/ml/namazu-devel-ja/msg02114.html
http://marc.info/?l=bugtraq&w=2&r=1&s=namazu&q=b
http://search.namazu.org/ml/namazu-devel-ja/msg02114.html

FAQ

What is CVE-2001-1350?

CVE-2001-1350 is a vulnerability with a CVSS score of 7.5 (HIGH). Cross-site scripting vulnerability in namazu.cgi for Namazu 2.0.7 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the lang parameter.

How severe is CVE-2001-1350?

CVE-2001-1350 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2001-1350?

Check the references section above for vendor advisories and patch information. Affected products include: Namazu Namazu.